1. Field of the Invention
The present invention relates to a security technology for a sensor network, and more particularly to a system and method for effectively pre-distributing keys, which allocate keys to sensor nodes of a distributed sensor network using not only a key pool (i.e., The Pool of Keys) configured in the form of a symmetric matrix but also an LU decomposition, and search for a common private key during the communication between the sensor nodes.
2. Description of the Related Art
Typically, a sensor network is used as a base network for implementing Ubiquitous Computing technology, and acts as a wireless network composed of several super-lightweight and low-power sensors. Many developers are conducting intensive research into the Ubiquitous Computing technology and associated application fields, such that a sensor network capable of substantially providing a user with Ubiquitous environments is being intensively discussed as the principal issue. The sensor network includes a large number of sensor nodes, such that it detects desired information using sensors and processes detected information.
However, the above-mentioned sensor network can acquire or process more various information using the sensors, and can guarantee not only integrity of a large amount of detected information but also user's privacy. In other words, in order to implement more realistic- and fluent-Ubiquitous Computing environments, application usages of the sensor network, the development of sensor technology, and sensor-network security mechanism capable of safely processing/managing detected information must be newly developed and be applied to the above-mentioned Ubiquitous Computing environments.
The sensor network has been widely used for a technical field having limited arrangement. A variety of technical fields have been widely used, for example, a real-time traffic monitoring field, a building security monitoring field (i.e., construction, fire, and physical security monitoring, etc.), a military sensing/detecting field, an earthquake activity measurement field, a real-time pollution monitoring field, a wildlife monitoring field, and a wildfire detection field, etc.
A variety of applications contained in the sensor network are dependent on safe functions of the sensor network. If the sensor network is in danger or fails to communicate with another party, a serious or critical situation may occur. If the sensor network is located under inappropriate environments or is in danger from hacking or malicious attack, the sensor network becomes of vital importance to security. In other words, if an unexpected problem occurs in the security of the sensor network, an attacker may easily tap the sensor network for information, may imitate the sensor nodes contained in the sensor network, or may intentionally provide other sensor nodes with wrong information. Therefore, a method for guaranteeing communication security between sensor nodes, and a method for establishing a private key between the sensor nodes are of importance.
In order to solve the above-mentioned problems, the conventional art has widely used an asymmetric encryption method. However, the above-mentioned conventional art is inappropriate for the distributed sensor network due to limited-energy power and calculation ability (i.e., a limited number of calculations) of the sensor nodes, such that a random Key Pre-Distribution Scheme is recently proposed to solve the above-mentioned problems. However, the above-mentioned random Key Pre-Distribution Scheme also has a disadvantage in that it cannot guarantee a process for searching for a public key during the communication between two sensor nodes.
In past years, a variety of methods for effectively managing keys have been proposed to implement the security mechanism of the sensor network, however, most methods have used a public key encryption scheme. Typically, the public key encryption scheme requires a large number of calculations, such that it is inappropriate for the sensor node because the sensor node has a battery and small memory capacity.
In order to solve the above-mentioned problem of the public key encryption scheme, a symmetric key encryption scheme has been proposed. The most principal method of the symmetric key encryption scheme is that all the sensor nodes contained in the sensor network use a single key.
However, if the single key is exposed from a single sensor node, all the data of the sensor network may be unavoidably exposed.
This problem may be solved by a Pair-Wise key scheme, however, each sensor node must store (n−1) keys in a memory such that the pair-wise scheme is inappropriate for the sensor node having limited resources. Also, the above-mentioned pair-wise scheme requires n(n−1)/2 keys, resulting in the occurrence of limited extensibility.
In order to solve the above-mentioned problems of the pair-wise scheme, a random key pre-distribution scheme has been proposed by Eschesnauer and Gligo.
The random key pre-distribution scheme creates a large number of random keys at a base station, stores the created random keys in a key pool, and selects a predetermined key set from among the key pool at random, such that the selected key sets are distributed to individual sensor nodes.
For example, it is assumed that a public key between a first key set assigned to the sensor node “A” and a second key set assigned to the sensor node “B” is set to a common private key between the A and B sensor nodes. If there is no public key between the first key set of the A sensor node and the second key set of the B sensor node, a path key is created, such that the created path key is used as a common private key.
The above-mentioned random key pre-distribution scheme is composed of two steps, i.e., an initialization step and a key setup step.
The above-mentioned initialization step is performed before the sensor nodes are arranged, selects a very large-sized key pool from among the space of all the available keys, selects a predetermined number of keys from the selected key pool at random, and stores the selected keys in a key ring of each sensor node. Each of the keys contained in the key pool has a unique identifier (ID). The key and its ID are stored in the key ring of a corresponding sensor node.
The above-mentioned key setup step is performed after the sensor nodes are arranged. A sensor node broadcasts IDs of keys contained in its own key ring. A neighboring sensor node of the above-mentioned sensor node compares the broadcast ID with its own key-ring ID, and determines whether it has the same public key as that of the above-mentioned sensor node. If it is determined that the key ring of the neighboring sensor node has the same public key as that of the above-mentioned sensor node, a session key is established via a challenge/response protocol. If there is no public key in the key ring, a path key is established via the neighboring sensor at which the session key has been established.
A first representative example of the above-mentioned key distribution techniques has been disclosed in Korean Patent Registration No. 10-0525867, entitled “METHOD FOR CONTROLLING SECURITY OF WIRELESS LAN USING DYNAMIC RE-KEYING”, issued on Oct. 26, 2005, which is hereby incorporated by reference.
The above-mentioned first key distribution method of the Korean Patent Registration No. 10-0525867 creates a new master security key when a client terminal is initially authenticated and secured, sets the created master security key to a data encryption key, and provides the client terminal with the set master security key acting as the data encryption key, such that a dynamic encryption key distribution is performed, resulting in the reduction of server load. In order to perform the above-mentioned operations, the first key distribution method includes: performing not only initial authentication between the client terminal and an authentication/security server but also a security process between them; creating a new master security key on the basis of the result of the initial authentication and security process between the client terminal and the authentication/security server; and creating a data encryption key for data security from the new master security key, and transmitting the created data encryption key to the client terminal.
A second representative example of the above-mentioned key distribution protocol techniques has been disclosed in Korean Patent Registration No. 10-0542652, entitled “KEY DISTRIBUTION PROTOCOL METHOD FOR WIRELESS COMMUNICATION ENVIRONMENTS”, issued on Jan. 4, 2006, which is hereby incorporated by reference.
The above-mentioned first key distribution protocol method of the Korean Patent Registration No. 10-0542562 includes: sharing private information between a user and a server to provide safer- and supplementary-security requirements, such that a registration process is performed; and encrypting a random number created by the user using the private information, authenticating mutual entities using a private key of the user and the random number of the server according to a predetermined session key calculation equation, and at the same time creating the session key.
The above-mentioned conventional key distribution technology such as the first or second key distribution method cannot guarantee a public key between two desired sensor nodes which desire to communicate with each other. In other words, the above-mentioned conventional key distribution technology has a disadvantage in that it cannot search for the public key (also called “common key”) between two sensor nodes communicating with each other.
Conventional methods for implementing security of the distributed sensor network have widely used an asymmetric method such as a Deffie-Hellman key agreement or Rivest-Shamir-Adelman (RSA) method. The above-mentioned conventional methods are inappropriate for the distributed sensor network due to the limited-calculations and energy resources of the sensor nodes. In order to solve the above-mentioned problem, the conventional key pre-distribution system has a disadvantage in that it cannot always share a private key required for communication between the sensor nodes.
If a common private key between a first sensor node and a second sensor node acting as a neighboring sensor node of the first sensor node is not stored in a key ring of the first sensor node, the conventional random key pre-distribution method cannot establish a key of a desired path. Therefore, an unexpected overhead for searching for the desired path unavoidably occurs, and intermediate sensor nodes of the path must be fully trusted.
Also, the conventional random key pre-distribution method selects M keys from among the key pool at random. If there is a common private key between two sensor nodes, a neighboring malicious sensor node of the two sensor nodes may easily tap traffic data between the two sensor nodes using the common private key.